Hi, On Sat, Nov 16, 2019 at 11:01:24AM +0100, Boris wrote: > on a friends linux router I found a running openvpn 2.0. We are in > trouble with this router because of repeatedly connection requests that > are unsuccessful but kill the openvpn server after some time.
So the "openvpn 2.0" on the router is killed after some time (due to
back packets coming from the Internet), or is *this* process killing
another server?
Generally speaking: use tls-auth. This will stop all packets from
unauthorized sources from generating state and eating memory in the
openvpn server process (it will still eat up some CPU, but if that is
enough to crash the server, you need a faster CPU - or move the openvpn
service to another port).
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
